MiracleLinux 4 : grep-2.20-3.AXS4 (AXSA:2015-422:01)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-422:01 advisory. The GNU versions of commonly used grep utilities. Grep searches through textual input for lines which contain a match to a specified pattern and then...

CVE-2025-5667 FreeFloat FTP Server REIN Command buffer overflow

A vulnerability was found in FreeFloat FTP Server 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the component REIN Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the...

CVE-2023-5667

The Tab Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

CVE-2020-5667

Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. By exploiting this vulnerability, API key for an external service may be obtained by analyzing data in the app...

CVE-2018-5667

An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnuusernamevalidationpattern parameter...

CVE-2024-5667

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Featherlight.js JavaScript library versions 1.7.13 to 1.7.14 in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-5667

creationtimestamp| type| source ---|---|--- 2025-03-05 09:36:05+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6527 2025-03-05 12:45:53+00:00| seen| https://t.me/cvedetector/19612...

CVE-2024-5667

CVE-2024-5667 concerns Stored DOM-Based Cross-Site Scripting via the Featherlight.js library bundled in multiple WordPress plugins. The Connected Documents confirm concrete details: authenticated attackers with contributor+ access can inject scripts that execute on users’ pages. The root cause is...

Security Bulletin: Vulnerabilities affect NVIDIA GPU Display Drivers for Linux and Windows

Summary NVIDIA has released an update to address the following vulnerabilities in GPU Display Drivers for Linux and Windows. Vulnerability Details CVEID: CVE-2018-6260 DESCRIPTION: NVIDIA graphics driver could allow a local authenticated attacker to obtain sensitive information, caused by a flaw ...

WordPress Tab Ultimate Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Tab Ultimate Type Plugin Vulnerable versions = 1.3 Fixed in 1.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5667 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 6b4d31988178 Credits István Márton Required privileg...

K69662152: Grep vulnerability CVE-2012-5667

Security Advisory Description Multiple integer overflows in GNU Grep before 2.11 might allow context-dependent attackers to execute arbitrary code via vectors involving a long input line that triggers a heap-based buffer overflow. CVE-2012-5667 Impact This vulnerability allows unauthorized...

SUSE CVE-2015-5667

Cross-site scripting XSS vulnerability in the HTML-Scrubber module before 0.15 for Perl, when the comment feature is enabled, allows remote attackers to inject arbitrary web script or HTML via a crafted comment...

Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5667-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5667-1 advisory. Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading t...

CVE-2020-5667

creationtimestamp| type| source ---|---|--- 2020-11-06 07:50:30+00:00| seen| https://t.me/cibsecurity/15964...

CVE-2020-5667

Studyplus App (Android v6.3.7 and earlier; iOS v8.29.0 and earlier) contains a hard-coded API key for an external service, enabling an attacker to retrieve the key by analyzing app data. Root cause: hard-coded credentials in the client. Impact: potential exposure of the external service API key; ...

Security Bulletin: Grep vulnerabilities affect IBM SmartCloud Entry (CVE-2012-5667)

Summary IBM SmartCloud Entry is vulnerable to several Grep vulnerabilities. Remote attackers can exploit them to obtain sensetive information or launch further attacks on the system. Vulnerability Details CVEID: CVE-2012-5667 DESCRIPTION: grep is vulnerable to a heap-based buffer overflow, caused...

CVE-2019-5667

Summary of CVE-2019-5667 : NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel-mode layer (nvlddmkm.sys) handler for DxgkDdiSetRootPageTable, where a pointer expected to be valid is NULL, potentially enabling code execution, denial of service, or privilege escalation. Affecte...

Security Bulletin: Multiple vulnerabilities in GNU grep affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance (CVE-2015-1345, CVE-2012-5667)

Summary Multiple vulnerability in GNU grep affect IBM SmartCloud Provisioning for IBM Software Virtual Appliance. Vulnerability Details CVEID: CVE-2015-1345 DESCRIPTION: GNU grep is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by an error in kwset.c. A remote...

Security Bulletin: Vulnerabilities in GNU grep utility affect IBM Security Network Protection (CVE-2012-5667, and CVE-2015-1345)

Summary The grep utility searches through textual input for lines that contain a match to a specified pattern and then prints the matching lines. Security vulnerabilities have been discovered in grep utility used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-1345...

CVE-2018-5667

CVE-2018-5667 affects the WordPress plugin read-and-understood (version 2.1) . A cross-site scripting (XSS) vulnerability exists exposed by the parameter rnu_username_validation_pattern in the file wp-admin/options-general.php . The issue arises from how user-supplied input is handled, enabling i...